hfs 0.1.6 → 0.26.2

package/src/apiMiddleware.js

@@ -0,0 +1,136 @@
+"use strict";
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SendListReadable = exports.apiMiddleware = exports.ApiError = void 0;
+const sse_1 = __importDefault(require("./sse"));
+const stream_1 = require("stream");
+const misc_1 = require("./misc");
+const events_1 = __importDefault(require("./events"));
+const const_1 = require("./const");
+const lodash_1 = __importDefault(require("lodash"));
+class ApiError extends Error {
+    constructor(status, message) {
+        super(typeof message === 'string' ? message : message === null || message === void 0 ? void 0 : message.message);
+        this.status = status;
+    }
+}
+exports.ApiError = ApiError;
+function apiMiddleware(apis) {
+    return async (ctx) => {
+        const params = ctx.method === 'POST' ? await getJsonFromReq(ctx.req)
+            : (0, misc_1.objSameKeys)(ctx.request.query, x => Array.isArray(x) ? x : (0, misc_1.tryJson)(x));
+        console.debug('API', ctx.method, ctx.path, { ...params });
+        if (!apis.hasOwnProperty(ctx.path)) {
+            ctx.body = 'invalid api';
+            return ctx.status = 404;
+        }
+        const csrf = ctx.cookies.get('csrf');
+        // we don't rely on SameSite cookie option because it's https-only
+        let res = csrf && csrf !== params.csrf ? new ApiError(const_1.UNAUTHORIZED, 'csrf')
+            : await apis[ctx.path](params || {}, ctx);
+        if (isAsyncGenerator(res))
+            res = (0, misc_1.asyncGeneratorToReadable)(res);
+        if (res instanceof stream_1.Readable) { // Readable, we'll go SSE-mode
+            res.pipe((0, sse_1.default)(ctx));
+            const stillRes = res; // satisfy ts
+            ctx.req.on('close', () => // by closing the generated stream, creator of the stream will know the request is over without having to access anything else
+             stillRes.destroy());
+            return;
+        }
+        if (res instanceof ApiError) {
+            ctx.body = res.message;
+            return ctx.status = res.status;
+        }
+        if (res instanceof Error) { // generic exception
+            ctx.body = String(res);
+            return ctx.status = 400;
+        }
+        ctx.body = res;
+    };
+}
+exports.apiMiddleware = apiMiddleware;
+function isAsyncGenerator(x) {
+    return typeof (x === null || x === void 0 ? void 0 : x.next) === 'function';
+}
+async function getJsonFromReq(req) {
+    return new Promise((resolve, reject) => {
+        let data = '';
+        req.on('data', chunk => data += chunk);
+        req.on('error', reject);
+        req.on('end', () => {
+            try {
+                resolve(data && JSON.parse(data));
+            }
+            catch (e) {
+                reject(e);
+            }
+        });
+    });
+}
+class SendListReadable extends stream_1.Readable {
+    constructor({ addAtStart, doAtStart, bufferTime } = {}) {
+        super({ objectMode: true, read() { } });
+        this.buffer = [];
+        if (!bufferTime)
+            bufferTime = 100;
+        this.processBuffer = lodash_1.default.debounce(() => {
+            this.push(this.buffer);
+            this.buffer = [];
+        }, bufferTime, { maxWait: bufferTime });
+        this.on('end', () => this.destroy());
+        if (doAtStart)
+            setTimeout(() => doAtStart(this)); // work later, when list object has been received by Koa
+        if (addAtStart) {
+            for (const x of addAtStart)
+                this.add(x);
+            this.ready();
+        }
+    }
+    _push(rec) {
+        this.buffer.push(rec);
+        if (this.buffer.length > 10000) // hard limit
+            this.processBuffer.flush();
+        else
+            this.processBuffer();
+    }
+    add(rec) {
+        this._push({ add: rec });
+    }
+    remove(key) {
+        this._push({ remove: [key] });
+    }
+    update(search, change) {
+        this._push({ update: [{ search, change }] });
+    }
+    ready() {
+        this._push('ready');
+    }
+    custom(data) {
+        this._push(data);
+    }
+    error(msg, close = false) {
+        this._push({ error: msg });
+        this.lastError = msg;
+        if (close)
+            this.close();
+    }
+    getLastError() {
+        return this.lastError;
+    }
+    close() {
+        this.processBuffer.flush();
+        this.push(null);
+    }
+    events(ctx, eventMap) {
+        const off = (0, misc_1.onOff)(events_1.default, eventMap);
+        ctx.res.once('close', off);
+        return this;
+    }
+    isClosed() {
+        return this.destroyed;
+    }
+}
+exports.SendListReadable = SendListReadable;

package/src/block.js

@@ -0,0 +1,33 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.applyBlock = void 0;
+const config_1 = require("./config");
+const connections_1 = require("./connections");
+const misc_1 = require("./misc");
+const cidr_tools_1 = __importDefault(require("cidr-tools"));
+const lodash_1 = __importDefault(require("lodash"));
+(0, config_1.defineConfig)('block', []).sub(rules => {
+    compileBlock(rules);
+    for (const { socket, ip } of (0, connections_1.getConnections)())
+        applyBlock(socket, ip);
+});
+let blockFunctions = []; // "compiled" versions of the rules in config.block
+function compileBlock(rules) {
+    blockFunctions = !Array.isArray(rules) ? []
+        : (0, misc_1.onlyTruthy)(rules.map(rule => !rule ? null
+            : (0, misc_1.with_)(rule.ip, ip => typeof ip !== 'string' ? null
+                : ip.includes('/') ? x => cidr_tools_1.default.contains(ip, x)
+                    : ip.includes('*') ? (0, misc_1.with_)(ipMask2regExp(ip), re => x => re.test(x))
+                        : x => x === ip)));
+    function ipMask2regExp(ipMask) {
+        return new RegExp(lodash_1.default.escapeRegExp(ipMask).replace(/\\\*/g, '.*'));
+    }
+}
+function applyBlock(socket, ip = (0, connections_1.normalizeIp)(socket.remoteAddress || '')) {
+    if (ip && blockFunctions.find(rule => rule(ip)))
+        return socket.destroy();
+}
+exports.applyBlock = applyBlock;

package/src/commands.js

@@ -0,0 +1,105 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const perm_1 = require("./perm");
+const config_1 = require("./config");
+const lodash_1 = __importDefault(require("lodash"));
+const update_1 = require("./update");
+const yaml_1 = __importDefault(require("yaml"));
+const const_1 = require("./const");
+console.log(`HINT: type "help" for help`);
+require('readline').createInterface({ input: process.stdin }).on('line', (line) => {
+    if (!line)
+        return;
+    const [name, ...params] = line.trim().split(/ +/);
+    const cmd = commands[name];
+    if (!cmd)
+        return console.error("cannot understand entered command, try 'help'");
+    if (cmd.cb.length > params.length)
+        return console.error("insufficient parameters, expected: " + cmd.params);
+    cmd.cb(...params).then(() => console.log("+++ command executed"), (err) => {
+        if (typeof err === 'string')
+            console.error("command failed:", err);
+        else
+            throw err;
+    });
+});
+const commands = {
+    help: {
+        params: '',
+        async cb() {
+            console.log("supported commands:", ...lodash_1.default.map(commands, ({ params }, name) => '\n - ' + name + ' ' + params));
+        }
+    },
+    'create-admin': {
+        params: '<password> [<username>=admin]',
+        async cb(password, username = 'admin') {
+            if ((0, perm_1.getAccount)(username))
+                throw `user ${username} already exists`;
+            const acc = (0, perm_1.addAccount)(username, { admin: true });
+            await (0, perm_1.updateAccount)(acc, acc => {
+                acc.password = password;
+            });
+        }
+    },
+    'change-password': {
+        params: '<user> <password>',
+        async cb(user, password) {
+            const acc = (0, perm_1.getAccount)(user);
+            if (!acc)
+                throw "user doesn't exist";
+            await (0, perm_1.updateAccount)(acc, acc => {
+                acc.password = password;
+            });
+        }
+    },
+    config: {
+        params: '<key> <value>',
+        async cb(key, value) {
+            const conf = (0, config_1.getConfigDefinition)(key);
+            if (!conf)
+                throw "specified key doesn't exist";
+            let v = value;
+            try {
+                v = JSON.parse(v);
+            }
+            catch (_a) { }
+            (0, config_1.setConfig)({ [key]: v });
+        }
+    },
+    'show-config': {
+        params: '<key>',
+        async cb(key) {
+            const conf = (0, config_1.getConfigDefinition)(key);
+            if (!conf)
+                throw "specified key doesn't exist";
+            console.log(yaml_1.default.stringify((0, config_1.getConfig)(key), { lineWidth: 1000 }).trim());
+        }
+    },
+    quit: {
+        params: '',
+        async cb() {
+            process.exit(0);
+        }
+    },
+    update: {
+        params: '',
+        cb: update_1.update
+    },
+    'check-update': {
+        params: '',
+        async cb() {
+            const update = await (0, update_1.getUpdate)();
+            console.log("new version available", update.name);
+        }
+    },
+    version: {
+        params: '',
+        async cb() {
+            console.log(const_1.VERSION);
+            console.log(const_1.BUILD_TIMESTAMP);
+        }
+    },
+};

package/src/config.js

@@ -0,0 +1,172 @@
+"use strict";
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.saveConfigAsap = exports.setConfig = exports.getWholeConfig = exports.getConfig = exports.getConfigDefinition = exports.defineConfig = void 0;
+const events_1 = __importDefault(require("events"));
+const const_1 = require("./const");
+const watchLoad_1 = require("./watchLoad");
+const yaml_1 = __importDefault(require("yaml"));
+const lodash_1 = __importDefault(require("lodash"));
+const misc_1 = require("./misc");
+const fs_1 = require("fs");
+const util_1 = require("util");
+const path_1 = require("path");
+const events_2 = __importDefault(require("./events"));
+const FILE = 'config.yaml';
+const configProps = {};
+let started = false; // this will tell the difference for subscribeConfig()s that are called before or after config is loaded
+let state = {};
+const cfgEvents = new events_1.default();
+cfgEvents.setMaxListeners(10000);
+const path = (0, misc_1.with_)(const_1.argv.config || process.env.HFS_CONFIG, p => {
+    if (!p)
+        return FILE;
+    p = (0, path_1.resolve)(const_1.ORIGINAL_CWD, p);
+    try {
+        if ((0, fs_1.statSync)(p).isDirectory()) // try to detect if path points to a folder, in which case we add the standard filename
+            return (0, path_1.join)(p, FILE);
+    }
+    catch (_a) { }
+    return p;
+});
+console.log("config", path);
+const legacyPosition = (0, path_1.join)(const_1.APP_PATH, FILE);
+if (!(0, fs_1.existsSync)(path) && (0, fs_1.existsSync)(legacyPosition))
+    try {
+        (0, fs_1.renameSync)(legacyPosition, path);
+        console.log("moved from legacy position", legacyPosition);
+    }
+    catch (_a) {
+        try { // attempt copying, in case moving the source file proves to be impractical
+            (0, fs_1.copyFileSync)(legacyPosition, path);
+            console.log("copied from legacy position", legacyPosition);
+        }
+        catch (_b) { }
+    }
+const { save } = (0, watchLoad_1.watchLoad)(path, values => setConfig(values || {}, false), {
+    failedOnFirstAttempt() {
+        console.log("No config file, using defaults");
+        setConfig({}, false);
+    }
+});
+function defineConfig(k, defaultValue) {
+    configProps[k] = { defaultValue };
+    return {
+        key() {
+            return k;
+        },
+        get() {
+            return getConfig(k);
+        },
+        sub(cb) {
+            return subscribeConfig(k, cb);
+        },
+        set(v) {
+            if (typeof v === 'function')
+                this.set(v(this.get()));
+            else
+                setConfig1(k, v);
+        }
+    };
+}
+exports.defineConfig = defineConfig;
+function getConfigDefinition(k) {
+    return configProps[k];
+}
+exports.getConfigDefinition = getConfigDefinition;
+const stack = [];
+function subscribeConfig(k, cb) {
+    if (started) // initial event already passed, we'll make the first call
+        cb(getConfig(k));
+    const eventName = 'new.' + k;
+    return (0, misc_1.onOff)(cfgEvents, {
+        [eventName]() {
+            if (stack.includes(cb))
+                return; // avoid infinite loop in case a subscriber changes the value
+            stack.push(cb); // @ts-ignore arguments
+            try {
+                return cb.apply(this, arguments);
+            }
+            finally {
+                stack.pop();
+            }
+        }
+    });
+}
+function getConfig(k) {
+    var _a, _b;
+    return (_a = state[k]) !== null && _a !== void 0 ? _a : lodash_1.default.cloneDeep((_b = configProps[k]) === null || _b === void 0 ? void 0 : _b.defaultValue); // clone to avoid changing
+}
+exports.getConfig = getConfig;
+function getWholeConfig({ omit, only }) {
+    const defs = (0, misc_1.objSameKeys)(configProps, x => x.defaultValue);
+    let copy = lodash_1.default.defaults({}, state, defs);
+    if (omit === null || omit === void 0 ? void 0 : omit.length)
+        copy = lodash_1.default.omit(copy, omit);
+    if (only)
+        copy = lodash_1.default.pick(copy, only);
+    return lodash_1.default.cloneDeep(copy);
+}
+exports.getWholeConfig = getWholeConfig;
+// pass a value to `save` to force saving decision, or leave undefined for auto. Passing false will also reset previously loaded configs.
+function setConfig(newCfg, save) {
+    if (!started) { // first time we consider also CLI args
+        const argCfg = lodash_1.default.pickBy((0, misc_1.objSameKeys)(configProps, (x, k) => const_1.argv[k]), x => x !== undefined);
+        if (!lodash_1.default.isEmpty(argCfg)) {
+            (0, exports.saveConfigAsap)().then(); // don't set `save` argument, as it would interfere below at check `save===false`
+            Object.assign(newCfg, argCfg);
+        }
+    }
+    for (const k in newCfg)
+        apply(k, newCfg[k]);
+    if (save) {
+        (0, exports.saveConfigAsap)().then();
+        return;
+    }
+    if (started) {
+        if (save === false) // false is used when loading whole config, and in such case we should not leave previous values untreated. Also, we need this only after we already `started`.
+            for (const k of Object.keys(state))
+                if (!newCfg.hasOwnProperty(k))
+                    apply(k, newCfg[k]);
+        return;
+    }
+    // first time we emit also for the default values
+    for (const k of Object.keys(configProps))
+        if (!newCfg.hasOwnProperty(k))
+            apply(k, newCfg[k]);
+    started = true;
+    events_2.default.emit('config ready');
+    function apply(k, newV) {
+        return setConfig1(k, newV, save === undefined);
+    }
+}
+exports.setConfig = setConfig;
+function setConfig1(k, newV, saveChanges = true) {
+    var _a;
+    if (lodash_1.default.isPlainObject(newV))
+        newV = lodash_1.default.pickBy(newV, x => x !== undefined);
+    if ((0, misc_1.same)(newV, (_a = configProps[k]) === null || _a === void 0 ? void 0 : _a.defaultValue))
+        newV = undefined;
+    if (started && (0, misc_1.same)(newV, state[k]))
+        return; // no change
+    const was = getConfig(k); // include cloned default, if necessary
+    state[k] = newV;
+    cfgEvents.emit('new.' + k, getConfig(k), was);
+    if (saveChanges)
+        (0, exports.saveConfigAsap)().then();
+}
+exports.saveConfigAsap = (0, misc_1.debounceAsync)(async () => {
+    while (!started)
+        await (0, misc_1.wait)(100);
+    let txt = yaml_1.default.stringify(state, { lineWidth: 1000 });
+    if (txt.trim() === '{}') // most users wouldn't understand
+        if (await (0, util_1.promisify)(fs_1.exists)(path)) // if a file exists then empty it, else don't bother creating it
+            txt = '';
+        else
+            return;
+    save(path, txt)
+        .catch(err => console.error('Failed at saving config file, please ensure it is writable.', String(err)));
+});

package/src/connections.js

@@ -0,0 +1,57 @@
+"use strict";
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.updateConnection = exports.socket2connection = exports.getConnections = exports.newConnection = exports.normalizeIp = exports.Connection = void 0;
+const events_1 = __importDefault(require("./events"));
+const lodash_1 = __importDefault(require("lodash"));
+class Connection {
+    constructor(socket) {
+        this.socket = socket;
+        this.started = new Date();
+        this.sent = 0;
+        all.push(this);
+        socket.on('close', () => {
+            all.splice(all.indexOf(this), 1);
+            events_1.default.emit('connectionClosed', this);
+        });
+        events_1.default.emit('connection', this);
+    }
+    get ip() {
+        var _a, _b;
+        return ((_a = this.ctx) === null || _a === void 0 ? void 0 : _a.ip) || ((_b = this._cachedIp) !== null && _b !== void 0 ? _b : (this._cachedIp = normalizeIp(this.socket.remoteAddress || '')));
+    }
+    get secure() {
+        return this.socket.server.cert > '';
+    }
+}
+exports.Connection = Connection;
+function normalizeIp(ip) {
+    return ip.replace(/^::ffff:/, ''); // simplify ipv6-mapped addresses
+}
+exports.normalizeIp = normalizeIp;
+const all = [];
+function newConnection(socket) {
+    new Connection(socket);
+}
+exports.newConnection = newConnection;
+function getConnections() {
+    return all;
+}
+exports.getConnections = getConnections;
+function socket2connection(socket) {
+    return all.find(x => // socket exposed by Koa is TLSSocket which encapsulates simple Socket, and I've found no way to access it for simple comparison
+     x.socket.remotePort === socket.remotePort // but we can still match them because IP:PORT is key
+        && x.socket.remoteAddress === socket.remoteAddress);
+}
+exports.socket2connection = socket2connection;
+function updateConnection(conn, change) {
+    // if no change is detected, skip update. ctx is a special case
+    if (!change.ctx && Object.entries(change).every(([k, v]) => lodash_1.default.isEqual(v, conn[k])))
+        return;
+    Object.assign(conn, change);
+    events_1.default.emit('connectionUpdated', conn, change);
+}
+exports.updateConnection = updateConnection;

package/src/const.js

@@ -0,0 +1,83 @@
+"use strict";
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.APP_PATH = exports.IS_WINDOWS = exports.UNAUTHORIZED = exports.FORBIDDEN = exports.NO_CONTENT = exports.METHOD_NOT_ALLOWED = exports.PLUGINS_PUB_URI = exports.API_URI = exports.ADMIN_URI = exports.FRONTEND_URI = exports.SPECIAL_URI = exports.COMPATIBLE_API_VERSION = exports.API_VERSION = exports.SESSION_DURATION = exports.DAY = exports.VERSION = exports.BUILD_TIMESTAMP = exports.HFS_STARTED = exports.ORIGINAL_CWD = exports.DEV = exports.argv = void 0;
+const minimist_1 = __importDefault(require("minimist"));
+const fs = __importStar(require("fs"));
+const os_1 = require("os");
+const fs_1 = require("fs");
+const path_1 = require("path");
+exports.argv = (0, minimist_1.default)(process.argv.slice(2));
+exports.DEV = process.env.DEV || exports.argv.dev ? 'DEV' : '';
+exports.ORIGINAL_CWD = process.cwd();
+exports.HFS_STARTED = new Date();
+const PKG_PATH = (0, path_1.join)(__dirname, '..', 'package.json');
+exports.BUILD_TIMESTAMP = fs.statSync(PKG_PATH).mtime.toISOString();
+const pkg = JSON.parse(fs.readFileSync(PKG_PATH, 'utf8'));
+exports.VERSION = pkg.version;
+exports.DAY = 86400000;
+exports.SESSION_DURATION = exports.DAY;
+exports.API_VERSION = 4; // introduced type:real_path and api.subscribeConfig/setConfig/getHfsConfig
+exports.COMPATIBLE_API_VERSION = 1; // while changes in the api are not breaking, this number stays the same, otherwise is made equal to API_VERSION
+exports.SPECIAL_URI = '/~/';
+exports.FRONTEND_URI = exports.SPECIAL_URI + 'frontend/';
+exports.ADMIN_URI = exports.SPECIAL_URI + 'admin/';
+exports.API_URI = exports.SPECIAL_URI + 'api/';
+exports.PLUGINS_PUB_URI = exports.SPECIAL_URI + 'plugins/';
+exports.METHOD_NOT_ALLOWED = 405;
+exports.NO_CONTENT = 204;
+exports.FORBIDDEN = 403;
+exports.UNAUTHORIZED = 401;
+exports.IS_WINDOWS = process.platform === 'win32';
+const IS_BINARY = !(0, path_1.basename)(process.argv0).includes('node'); // this won't be node if pkg was used
+exports.APP_PATH = (0, path_1.dirname)(IS_BINARY ? process.argv0 : __dirname);
+// we want this to be the first stuff to be printed, then we print it in this module, that is executed at the beginning
+if (exports.DEV)
+    console.clear();
+else
+    console.debug = () => { };
+console.log(`HFS ~ HTTP File Server - Copyright 2021-2022, Massimo Melina <a@rejetto.com>`);
+console.log(`License https://www.gnu.org/licenses/gpl-3.0.txt`);
+console.log('started', exports.HFS_STARTED.toLocaleString(), exports.DEV);
+console.log('version', exports.VERSION || '-');
+console.log('build', exports.BUILD_TIMESTAMP || '-');
+if (exports.argv.cwd)
+    process.chdir(exports.argv.cwd);
+else if (!process.argv0.endsWith('.exe')) { // still considering whether to use this behavior with Windows users, who may be less accustomed to it
+    const dir = (0, path_1.join)((0, os_1.homedir)(), '.hfs');
+    try {
+        (0, fs_1.mkdirSync)(dir);
+    }
+    catch (e) {
+        if (e.code !== 'EEXIST')
+            console.error(e);
+    }
+    process.chdir(dir);
+}
+console.log('cwd', process.cwd());

package/src/crypt.js

@@ -0,0 +1,21 @@
+"use strict";
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyPassword = exports.hashPassword = void 0;
+// simple wrapper
+// @ts-ignore
+const pbkdf2_1 = require("./pbkdf2");
+const assert_1 = __importDefault(require("assert"));
+async function hashPassword(s) {
+    return 'p2:' + await (0, pbkdf2_1.pbkdf2)(s);
+}
+exports.hashPassword = hashPassword;
+async function verifyPassword(hashed, given) {
+    const i = hashed.indexOf(':');
+    (0, assert_1.default)(i > 0, 'bad hashed');
+    return await (0, pbkdf2_1.pbkdf2Verify)(hashed.slice(i + 1), given); // for the time being we totally ignore the "method" part
+}
+exports.verifyPassword = verifyPassword;

package/src/debounceAsync.js

@@ -0,0 +1,48 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+// like lodash.debounce, but also avoids async invocations to overlap
+function debounceAsync(callback, wait = 100, { leading = false, maxWait = Infinity } = {}) {
+    let started = 0; // latest callback invocation
+    let runningCallback; // latest callback invocation result
+    let runningDebouncer; // latest wrapper invocation
+    let waitingSince = 0; // we are delaying invocation since
+    let whoIsWaiting; // args' array object identifies the pending instance, and incidentally stores args
+    const interceptingWrapper = (...args) => runningDebouncer = debouncer.apply(null, args);
+    return Object.assign(interceptingWrapper, {
+        cancel: () => {
+            waitingSince = 0;
+            whoIsWaiting = undefined;
+        },
+        flush: () => runningCallback !== null && runningCallback !== void 0 ? runningCallback : exec(),
+    });
+    async function debouncer(...args) {
+        if (runningCallback)
+            return await runningCallback;
+        whoIsWaiting = args;
+        waitingSince || (waitingSince = Date.now());
+        const waitingCap = maxWait - (Date.now() - (waitingSince || started));
+        const waitFor = Math.min(waitingCap, leading ? wait - (Date.now() - started) : wait);
+        if (waitFor > 0)
+            await new Promise(resolve => setTimeout(resolve, waitFor));
+        if (!whoIsWaiting) // canceled
+            return void (waitingSince = 0);
+        if (whoIsWaiting !== args) // another fresher call is waiting
+            return runningDebouncer;
+        return await exec();
+    }
+    async function exec() {
+        if (!whoIsWaiting)
+            return;
+        waitingSince = 0;
+        started = Date.now();
+        try {
+            runningCallback = callback.apply(null, whoIsWaiting);
+            return await runningCallback;
+        }
+        finally {
+            whoIsWaiting = undefined;
+            runningCallback = undefined;
+        }
+    }
+}
+exports.default = debounceAsync;

package/src/events.js

@@ -0,0 +1,9 @@
+"use strict";
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const events_1 = __importDefault(require("events"));
+// app-wide events
+exports.default = new events_1.default();